[Samba] Samba 3.0 PDC + XP + roaming profile = big, strange mistery of sorts

Louis van Belle louis at van-belle.nl
Tue Oct 11 09:45:05 GMT 2005

Wel i see you have the same problem as i had.

this is my working config now :
        path = /home/samba/profiles
        comment = Profiel omgeving
        read only = no
        create mask = 0600
        directory mask = 0700
        browseable = Yes
        guest ok = Yes
        csc policy = disable
        # next line is a great way to secure the profiles
        force user = %U
        # next line allows administrator to access all profiles
        valid users = %U @"Domain Admins"

The /home/samba/profiles dir MUST HAVE 777 Rights. ( and
Administrator:Domain Admin in my case.)
Also check what rights there are now on the user folders.
example /home/samba/profiles/myusername has 0700 if its correct.

you can simpel fix this, first login the users on
the computers in in the domain, check if there profile is correct.

now the scary thing, remove all the user profiles, and beter MOVE THEM !!!!

now log out 1 computer, and login again, put something on the desktop 
and check if it worked. I fixed 50 profiles this way on the fly 
when everybody was working, and nobody notised.


>-----Oorspronkelijk bericht-----
>Van: Bruno Ferreira [mailto:morphine at digitalmente.net] 
>Verzonden: dinsdag 11 oktober 2005 11:17
>Aan: Louis van Belle
>Onderwerp: Re: [Samba] Samba 3.0 PDC + XP + roaming profile = 
>big, strange mistery of sorts
>Louis van Belle wrote: 
>	Hi, 
>	This seems familuar to me.. 
>		Now, here comes the real problem:
>		- The user can now log on, except that all of 
>Windows' settings were 
>		gone, and back to the default.
>		- The profile *was* downloaded to the local 
>machine, and all the files 
>		were present, but it acted as if the registry 
>somehow wasn't present.
>		- Even after redoing some configuration, on 
>logging off, even though 
>		some files in the roaming profile were updated 
>in the server 
>		included), logging in again produced the same problem.
>		- Deleted all local copies of the profile. Same 
>thing. I 
>		always reverted 
>		to a known-good copy of the profile between tests.
>		- Checked permissions on the local copy of the profile. 
>		Permissions were 
>		OK, the domain user had the full control over his local 
>		profile directory.
>		- Out of spite, said machine was reformatted. 
>Problem repeated itself 
>		and remained. Note: said machine has no different 
>		configuration from any 
>		other; the user also has a regular roaming 
>profile like anyone else.
>	Do you have the setting POFILES ACL = YES .. set it to NO.
>	I had the same problem as above and this resolved it for me.
>	can you post you config of the [profiles]
>	Louis
>    Here it goes, and yes, profile acls is set to "Yes". That 
>was the only change in the Samba side in the upgrade, and it 
>was necessary because if it wasn't set to "yes", then none of 
>the XP boxes would load the profiles (claiming it couldn't 
>find the network service). Looking through the logs, I'd see 
>that it tried to look for the [user] share in profiles, which 
>existed, but somehow wasn't accessible. Setting profile acls 
>solved that. Could that be related?
>    [Profiles]
>        path = /docs/main/profiles
>        read only = No
>        profile acls = Yes
>        writeable = Yes
>        browseable = No
>        create mode = 0600
>        directory mode = 0700
>    -- Bruno Ferreira

More information about the samba mailing list